On Tue, 7 Jun 2016 13:46:13 -0400 Alex wrote: > Hi all, > > I'm curious about the RCVD_IN_SBL_CSS rule and its 3.5 score. Doesn't > this seem a bit high? > > I'm already using postscreen to add 4 points to messages received with > zen/sbl with return code 127.0.0.3, but also seeing quite a few > RCVD_IN_SBL_CSS hits, so I'm assuming this is the result of the 4 > postscreen points not being enough for it to be rejected outright, > then subsequently being tagged by spamassassin. > > These are "deep header" rules, though. Should users be penalized so > severely for using a dynamic address when it may not have been them > responsible for sending the spam that blacklisted that IP?
They are supposed to be addresses from blocks that are believed to have been allocated to snowshoe spammers.
